age 1 of 186
SANS - SEC530 FINAL EXAM PREP 2025/2026
COMPLETE QUESTIONS WITH CORRECT DETAILED
ANSWERS || 100% GUARANTEED PASS <BRAND
NEW VERSION>
Which of the following is a recommended USB keyboard
mitigation for sites requiring high security?
A) Disable USB ports in the system.
B) Restrict USB devices with approved PIDs and VIDs.
C) Block the USB devices physically.
D) Restrict USB devices with approved user accounts.
.......Answer.........C) Block the USB devices physically.
,age 2 of 186
Which of the following Cisco IOS commands is used to shut the
port down automatically when the maximum number of MAC
addresses is exceeded?
A) switchport port-security violation shutdown
B) switchport port-security limit rate source-mac-shutdown
C) switchport port-security violation auto-shutdown
D) switchport port-security mac-exceed-port-shutdown
.......Answer.........A) switchport port-security violation shutdown
What is a common failing associated with focusing only on
compliance-drive security?
,age 3 of 186
A) Compliance-driven security tends to focus only on hardening
internal systems.
B) Compliance-driven security tends to focus only on hardening
the perimeter.
C) Compliance-driven security tends to be costly in terms of
solutions and resources.
D) Compliance-driven security tends to fail in the face of a
persistent adversary. .......Answer.........D) Compliance-driven
security tends to fail in the face of a persistent adversary.
Which of the following is described by Lockheed Martin as a
countermeasure action to the Kill Chain?
A) Disrupt
B) Prevent
, age 4 of 186
C) React
D) Remove .......Answer.........A) Disrupt
What is an easy to implement and effective control an
organization can leverage to make pivoting more difficult for an
attacker?
A) WPA2
B) P2P patching
C) Private VLAN
D) VPN .......Answer.........C) Private VLAN
Which type of private VLAN ports may only communicate with
promiscuous ports?
SANS - SEC530 FINAL EXAM PREP 2025/2026
COMPLETE QUESTIONS WITH CORRECT DETAILED
ANSWERS || 100% GUARANTEED PASS <BRAND
NEW VERSION>
Which of the following is a recommended USB keyboard
mitigation for sites requiring high security?
A) Disable USB ports in the system.
B) Restrict USB devices with approved PIDs and VIDs.
C) Block the USB devices physically.
D) Restrict USB devices with approved user accounts.
.......Answer.........C) Block the USB devices physically.
,age 2 of 186
Which of the following Cisco IOS commands is used to shut the
port down automatically when the maximum number of MAC
addresses is exceeded?
A) switchport port-security violation shutdown
B) switchport port-security limit rate source-mac-shutdown
C) switchport port-security violation auto-shutdown
D) switchport port-security mac-exceed-port-shutdown
.......Answer.........A) switchport port-security violation shutdown
What is a common failing associated with focusing only on
compliance-drive security?
,age 3 of 186
A) Compliance-driven security tends to focus only on hardening
internal systems.
B) Compliance-driven security tends to focus only on hardening
the perimeter.
C) Compliance-driven security tends to be costly in terms of
solutions and resources.
D) Compliance-driven security tends to fail in the face of a
persistent adversary. .......Answer.........D) Compliance-driven
security tends to fail in the face of a persistent adversary.
Which of the following is described by Lockheed Martin as a
countermeasure action to the Kill Chain?
A) Disrupt
B) Prevent
, age 4 of 186
C) React
D) Remove .......Answer.........A) Disrupt
What is an easy to implement and effective control an
organization can leverage to make pivoting more difficult for an
attacker?
A) WPA2
B) P2P patching
C) Private VLAN
D) VPN .......Answer.........C) Private VLAN
Which type of private VLAN ports may only communicate with
promiscuous ports?
